Design-Agnostic Distributed Timing Fault Injection Monitor With End-to-End Design Automation

Fault injection attacks (FIAs) induce hardware failures in circuits and exploit these faults to compromise the security of the system. It has been demonstrated that FIAs can bypass system security mechanisms, cause faulty outputs, and gain access to secret information. Certain types of FIAs can be m...

Full description

Saved in:
Bibliographic Details
Published in:IEEE journal of solid-state circuits 2024-12, p.1-12
Main Authors: He, Yan, Su, Yumin, Yang, Kaiyuan
Format: Article
Language:English
Subjects:
Circuit faults
Clocks
Delay locked loop (DLL)
Delays
design automation
fault injection attacks (FIAs)
fault injection monitors
hardware security
Logic gates
Monitoring
Registers
Sensors
Temperature measurement
Temperature sensors
Voltage
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 12
container_issue
container_start_page 1
container_title IEEE journal of solid-state circuits
container_volume
creator He, Yan
Su, Yumin
Yang, Kaiyuan
description Fault injection attacks (FIAs) induce hardware failures in circuits and exploit these faults to compromise the security of the system. It has been demonstrated that FIAs can bypass system security mechanisms, cause faulty outputs, and gain access to secret information. Certain types of FIAs can be mounted with little effort by tampering with clock signals and/or the chip's operating conditions. To mitigate such low-cost, yet powerful attacks, we propose a fully synthesizable and distributable in situ fault injection monitor that employs a delay locked loop (DLL) to track the pulsewidth of the clock. We further develop a fully automated design framework to optimize and implement the FIA monitors at any process node. Our design is fabricated and verified in 65-nm CMOS technology with a small footprint of 1500 \mu m ^2 . It can lock to clock frequencies from 2 MHz to 1.26 GHz while detecting all 12 types of possible clock glitches, as well as timing FIA injections via the supply voltage, electromagnetic (EM) signals, and chip temperature.
doi_str_mv 10.1109/JSSC.2024.3504546
format article
fullrecord <record><control><sourceid>ieee</sourceid><recordid>TN_cdi_ieee_primary_10777000</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10777000</ieee_id><sourcerecordid>10777000</sourcerecordid><originalsourceid>FETCH-LOGICAL-i106t-cc9b769cbdabb439f3cc4a4a5beca5af3621e1c96cb02826cc497838620807a93</originalsourceid><addsrcrecordid>eNotjL1OwzAYRT2ARCk8ABKDX8Dh808ce4zSlhYVMbSIBamyHSe4ahyUuANvT1CZjq7u0UHogUJGKeinl92uyhgwkfEcRC7kFZoBUEU0A7hBt-N4nKYQis7Q58KPoY2kbGM_puDwIoxpCPacfI33oQuxxStzPiW8iUfvUugjfu1jSP2AP0L6wstYk9STCfiSwuU59Z35M-_QdWNOo7__5xy9r5b7ak22b8-bqtySQEEm4py2hdTO1sZawXXDnRNGmNx6Z3LTcMmop05LZ4EpJqdXF4oryUBBYTSfo8dLN3jvD99D6Mzwc6BQFAUA8F8WNFFP</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Design-Agnostic Distributed Timing Fault Injection Monitor With End-to-End Design Automation</title><source>IEEE Xplore (Online service)</source><creator>He, Yan ; Su, Yumin ; Yang, Kaiyuan</creator><creatorcontrib>He, Yan ; Su, Yumin ; Yang, Kaiyuan</creatorcontrib><description><![CDATA[Fault injection attacks (FIAs) induce hardware failures in circuits and exploit these faults to compromise the security of the system. It has been demonstrated that FIAs can bypass system security mechanisms, cause faulty outputs, and gain access to secret information. Certain types of FIAs can be mounted with little effort by tampering with clock signals and/or the chip's operating conditions. To mitigate such low-cost, yet powerful attacks, we propose a fully synthesizable and distributable in situ fault injection monitor that employs a delay locked loop (DLL) to track the pulsewidth of the clock. We further develop a fully automated design framework to optimize and implement the FIA monitors at any process node. Our design is fabricated and verified in 65-nm CMOS technology with a small footprint of 1500 <inline-formula> <tex-math notation="LaTeX">\mu</tex-math> </inline-formula>m<inline-formula> <tex-math notation="LaTeX">^2</tex-math> </inline-formula>. It can lock to clock frequencies from 2 MHz to 1.26 GHz while detecting all 12 types of possible clock glitches, as well as timing FIA injections via the supply voltage, electromagnetic (EM) signals, and chip temperature.]]></description><identifier>ISSN: 0018-9200</identifier><identifier>DOI: 10.1109/JSSC.2024.3504546</identifier><identifier>CODEN: IJSCBC</identifier><language>eng</language><publisher>IEEE</publisher><subject>Circuit faults ; Clocks ; Delay locked loop (DLL) ; Delays ; design automation ; fault injection attacks (FIAs) ; fault injection monitors ; hardware security ; Logic gates ; Monitoring ; Registers ; Sensors ; Temperature measurement ; Temperature sensors ; Voltage</subject><ispartof>IEEE journal of solid-state circuits, 2024-12, p.1-12</ispartof><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><orcidid>yumin.su@rice.edu ; kyang@rice.edu</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10777000$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,27924,27925,54796</link.rule.ids></links><search><creatorcontrib>He, Yan</creatorcontrib><creatorcontrib>Su, Yumin</creatorcontrib><creatorcontrib>Yang, Kaiyuan</creatorcontrib><title>Design-Agnostic Distributed Timing Fault Injection Monitor With End-to-End Design Automation</title><title>IEEE journal of solid-state circuits</title><addtitle>JSSC</addtitle><description><![CDATA[Fault injection attacks (FIAs) induce hardware failures in circuits and exploit these faults to compromise the security of the system. It has been demonstrated that FIAs can bypass system security mechanisms, cause faulty outputs, and gain access to secret information. Certain types of FIAs can be mounted with little effort by tampering with clock signals and/or the chip's operating conditions. To mitigate such low-cost, yet powerful attacks, we propose a fully synthesizable and distributable in situ fault injection monitor that employs a delay locked loop (DLL) to track the pulsewidth of the clock. We further develop a fully automated design framework to optimize and implement the FIA monitors at any process node. Our design is fabricated and verified in 65-nm CMOS technology with a small footprint of 1500 <inline-formula> <tex-math notation="LaTeX">\mu</tex-math> </inline-formula>m<inline-formula> <tex-math notation="LaTeX">^2</tex-math> </inline-formula>. It can lock to clock frequencies from 2 MHz to 1.26 GHz while detecting all 12 types of possible clock glitches, as well as timing FIA injections via the supply voltage, electromagnetic (EM) signals, and chip temperature.]]></description><subject>Circuit faults</subject><subject>Clocks</subject><subject>Delay locked loop (DLL)</subject><subject>Delays</subject><subject>design automation</subject><subject>fault injection attacks (FIAs)</subject><subject>fault injection monitors</subject><subject>hardware security</subject><subject>Logic gates</subject><subject>Monitoring</subject><subject>Registers</subject><subject>Sensors</subject><subject>Temperature measurement</subject><subject>Temperature sensors</subject><subject>Voltage</subject><issn>0018-9200</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><recordid>eNotjL1OwzAYRT2ARCk8ABKDX8Dh808ce4zSlhYVMbSIBamyHSe4ahyUuANvT1CZjq7u0UHogUJGKeinl92uyhgwkfEcRC7kFZoBUEU0A7hBt-N4nKYQis7Q58KPoY2kbGM_puDwIoxpCPacfI33oQuxxStzPiW8iUfvUugjfu1jSP2AP0L6wstYk9STCfiSwuU59Z35M-_QdWNOo7__5xy9r5b7ak22b8-bqtySQEEm4py2hdTO1sZawXXDnRNGmNx6Z3LTcMmop05LZ4EpJqdXF4oryUBBYTSfo8dLN3jvD99D6Mzwc6BQFAUA8F8WNFFP</recordid><startdate>20241204</startdate><enddate>20241204</enddate><creator>He, Yan</creator><creator>Su, Yumin</creator><creator>Yang, Kaiyuan</creator><general>IEEE</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><orcidid>https://orcid.org/yumin.su@rice.edu</orcidid><orcidid>https://orcid.org/kyang@rice.edu</orcidid></search><sort><creationdate>20241204</creationdate><title>Design-Agnostic Distributed Timing Fault Injection Monitor With End-to-End Design Automation</title><author>He, Yan ; Su, Yumin ; Yang, Kaiyuan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i106t-cc9b769cbdabb439f3cc4a4a5beca5af3621e1c96cb02826cc497838620807a93</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Circuit faults</topic><topic>Clocks</topic><topic>Delay locked loop (DLL)</topic><topic>Delays</topic><topic>design automation</topic><topic>fault injection attacks (FIAs)</topic><topic>fault injection monitors</topic><topic>hardware security</topic><topic>Logic gates</topic><topic>Monitoring</topic><topic>Registers</topic><topic>Sensors</topic><topic>Temperature measurement</topic><topic>Temperature sensors</topic><topic>Voltage</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>He, Yan</creatorcontrib><creatorcontrib>Su, Yumin</creatorcontrib><creatorcontrib>Yang, Kaiyuan</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998–Present</collection><collection>IEEE Xplore</collection><jtitle>IEEE journal of solid-state circuits</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>He, Yan</au><au>Su, Yumin</au><au>Yang, Kaiyuan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Design-Agnostic Distributed Timing Fault Injection Monitor With End-to-End Design Automation</atitle><jtitle>IEEE journal of solid-state circuits</jtitle><stitle>JSSC</stitle><date>2024-12-04</date><risdate>2024</risdate><spage>1</spage><epage>12</epage><pages>1-12</pages><issn>0018-9200</issn><coden>IJSCBC</coden><abstract><![CDATA[Fault injection attacks (FIAs) induce hardware failures in circuits and exploit these faults to compromise the security of the system. It has been demonstrated that FIAs can bypass system security mechanisms, cause faulty outputs, and gain access to secret information. Certain types of FIAs can be mounted with little effort by tampering with clock signals and/or the chip's operating conditions. To mitigate such low-cost, yet powerful attacks, we propose a fully synthesizable and distributable in situ fault injection monitor that employs a delay locked loop (DLL) to track the pulsewidth of the clock. We further develop a fully automated design framework to optimize and implement the FIA monitors at any process node. Our design is fabricated and verified in 65-nm CMOS technology with a small footprint of 1500 <inline-formula> <tex-math notation="LaTeX">\mu</tex-math> </inline-formula>m<inline-formula> <tex-math notation="LaTeX">^2</tex-math> </inline-formula>. It can lock to clock frequencies from 2 MHz to 1.26 GHz while detecting all 12 types of possible clock glitches, as well as timing FIA injections via the supply voltage, electromagnetic (EM) signals, and chip temperature.]]></abstract><pub>IEEE</pub><doi>10.1109/JSSC.2024.3504546</doi><tpages>12</tpages><orcidid>https://orcid.org/yumin.su@rice.edu</orcidid><orcidid>https://orcid.org/kyang@rice.edu</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0018-9200
ispartof IEEE journal of solid-state circuits, 2024-12, p.1-12
issn 0018-9200
language eng
recordid cdi_ieee_primary_10777000
source IEEE Xplore (Online service)
subjects Circuit faults
Clocks
Delay locked loop (DLL)
Delays
design automation
fault injection attacks (FIAs)
fault injection monitors
hardware security
Logic gates
Monitoring
Registers
Sensors
Temperature measurement
Temperature sensors
Voltage
title Design-Agnostic Distributed Timing Fault Injection Monitor With End-to-End Design Automation
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-28T10%3A15%3A23IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Design-Agnostic%20Distributed%20Timing%20Fault%20Injection%20Monitor%20With%20End-to-End%20Design%20Automation&rft.jtitle=IEEE%20journal%20of%20solid-state%20circuits&rft.au=He,%20Yan&rft.date=2024-12-04&rft.spage=1&rft.epage=12&rft.pages=1-12&rft.issn=0018-9200&rft.coden=IJSCBC&rft_id=info:doi/10.1109/JSSC.2024.3504546&rft_dat=%3Cieee%3E10777000%3C/ieee%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i106t-cc9b769cbdabb439f3cc4a4a5beca5af3621e1c96cb02826cc497838620807a93%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10777000&rfr_iscdi=true